add sshd_port variable enabling you to set a different port for sshd, default is 22

diff --git a/manifests/init.pp b/manifests/init.pp
index e48524d5ad818a164f3005f9852727f8d50089e2..c2f318c83ffcbe05115500423c8a2b6b8bf3162e 100644 (file)
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -80,7 +80,9 @@
 # sshd_permit_empty_passwords: If you want enable PermitEmptyPasswords to allow empty passwords
 #                              Valid Values: yes or no
 #                              Default: no
-
+#
+# sshd_port:                    If you want to specify a different port than the default 22
+#                               Default: 22
 
 class sshd {
     include sshd::client 
@@ -159,6 +161,10 @@ class sshd::base {
        '' => 'no',
        default => $sshd_permit_empty_passwords
     }
+    $real_sshd_port = $sshd_port ? {
+      '' => 22,
+      default => $sshd_port
+    }
     
     file { 'sshd_config':
         path => '/etc/ssh/sshd_config',

diff --git a/templates/sshd_config/CentOS_normal.erb b/templates/sshd_config/CentOS_normal.erb
index a0ec7865db399b929d86961792981b23354b1bcd..3217b4e3854438eca0004b13579afb73a610d6cc 100644 (file)
--- a/templates/sshd_config/CentOS_normal.erb
+++ b/templates/sshd_config/CentOS_normal.erb
@@ -10,7 +10,12 @@
 # possible, but leave them commented.  Uncommented options change a
 # default value.
 
-#Port 22
+<%- unless real_sshd_port.to_s.empty? then %>
+Port <%= real_sshd_port %>
+<%- else %>
+Port 22
+<%- end %>
+
 #Protocol 2,1
 Protocol 2
 #AddressFamily any

diff --git a/templates/sshd_config/Debian_normal.erb b/templates/sshd_config/Debian_normal.erb
index f6a2a816c375587cf425710abe02cacba9872acb..7cdb5f261bdd6c4b076e7ed3964ef730f7603e0d 100644 (file)
--- a/templates/sshd_config/Debian_normal.erb
+++ b/templates/sshd_config/Debian_normal.erb
@@ -2,7 +2,13 @@
 # See the sshd(8) manpage for defails
 
 # What ports, IPs and protocols we listen for
-# Port 22
+
+<%- unless real_sshd_port.to_s.empty? then %>
+Port <%= real_sshd_port %>
+<%- else %>
+Port 22
+<%- end %>
+
 # Use these options to restrict which interfaces/protocols sshd will bind to
 #ListenAddress ::
 #ListenAddress 0.0.0.0

diff --git a/templates/sshd_config/Gentoo_normal.erb b/templates/sshd_config/Gentoo_normal.erb
index ca6b90addcc9e1d655e175b98924c3de625d8ec3..c8e2ee1117fe88bd8275a9b601d319faa2356068 100644 (file)
--- a/templates/sshd_config/Gentoo_normal.erb
+++ b/templates/sshd_config/Gentoo_normal.erb
@@ -10,7 +10,12 @@
 # possible, but leave them commented.  Uncommented options change a
 # default value.
 
-#Port 22
+<%- unless real_sshd_port.to_s.empty? then %>
+Port <%= real_sshd_port %>
+<%- else %>
+Port 22
+<%- end %>
+
 #AddressFamily any
 #ListenAddress 0.0.0.0
 #ListenAddress ::

diff --git a/templates/sshd_config/OpenBSD_normal.erb b/templates/sshd_config/OpenBSD_normal.erb
index 96d8bbd36c3570cbcdc2637f93df17884f4108b3..139613a7b01df665cf5a570ab126e1f0eea64551 100644 (file)
--- a/templates/sshd_config/OpenBSD_normal.erb
+++ b/templates/sshd_config/OpenBSD_normal.erb
@@ -8,7 +8,12 @@
 # possible, but leave them commented.  Uncommented options change a
 # default value.
 
-#Port 22
+<%- unless real_sshd_port.to_s.empty? then %>
+Port <%= real_sshd_port %>
+<%- else %>
+Port 22
+<%- end %>
+
 #Protocol 2,1
 #AddressFamily any
 #ListenAddress 0.0.0.0